Canokey - KVM's Emulated GPG Smartcard

Canokey is a project to simulate a smartcard that deals with GPG keys among others. It is able to handle all kinds asymmetric ciphers including elliptic curves.

QEMU has developed a device that emulates and attaches it to a guest over USB. The upstream code needs to be built as there is no readily available package for it. However this is it - the trusted GPG holy-grail that Qubes had for some time now except it supports many more key types.

This is arguably easier to deal with than contorting a GPG key to fit into an emulated TPM.

https://www.qemu.org/docs/master/system/devices/canokey.html#id9

1 Like

Renewed push for Debian packaging by Canokey maintainers

1 Like

@HulaHoop
This is my first time hearing about this and it is intriguing ill have to dig in. As of late im now making the switch to KVM since I think it more secure. Oracle seems pretty slow responding to security vulns.

Thank you so much for your work on KVM versions of Whonix/Kicksecure I think this is what project needs to focus on more IMO. Again thx so much for your time effort and work in this area.

1 Like

I appreciate the kind words. Do let us know about your experiences with Canokey